Mageia: Security Advisory (MGASA-2020-0073)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-8428

fs/namei.c in the Linux kernel before 5.5 has a maycreateinsticky use-after-free, which allows local users to cause a denial of service OOPS or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if...

CVE-2020-8428

fs/namei.c in the Linux kernel before 5.5 has a maycreateinsticky use-after-free, which allows local users to cause a denial of service OOPS or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if...

Design/Logic Flaw

The mountpointlast function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service memory consumption or use-after-free ...

CVE-2014-5045

CVE-2014-5045 – Linux kernel mountpoint_last bug (pre-3.15.8) Affected: Linux kernel versions prior to 3.15.8.Root cause: The mountpoint_last function in fs/namei.c does not properly maintain a reference count when unmount is used in conjunction with a symlink.Impact: Local users could cause deni...

Design/Logic Flaw

The dofollowlink function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service incorrect free operations and system crash via an open system call...

CVE-2014-0203

CVE-2014-0203 affects the Linux kernel up to version 2.6.32.x, where the __do_follow_link function in fs/namei.c mishandles the last pathname component for certain filesystems, enabling a local attacker to trigger a denial of service (incorrect free operations and system crash) via an open() call...

CVE-2013-2188

A certain Red Hat patch to the dofilpopen function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux RHEL 6 does not properly handle failure to obtain write permissions, which allows local users to cause a denial of service system crash by leveraging acces...

CVE-2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUPFOLLOW...

CVE-2008-3275

The 1 reallookup and 2 lookuphash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted aka SDEAD directory, which allows local users to cause a denial of service "overflow" of the UBIFS orphan area via a...